CVE-2023-49923

Enterprise Search Insertion of Sensitive Information into Log File

CVSS 6.8 MEDIUMEPSS 0.6%CWE-532

Vexday Risk Score

13Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS 6.8EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

12 Dec 2023Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

An issue was discovered by Elastic whereby the Documents API of App Search logged the raw contents of indexed documents at INFO log level. Depending on the contents of such documents, this could lead to the insertion of sensitive or private information in the App Search logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by changing the log level at which these are logged to DEBUG, which is disabled by default.

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Affected products

Elastic · Enterprise Search

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://discuss.elastic.co/t/enterprise-search-8-11-2-7-17-16-security-update-esa-2023-31/349181 https://www.elastic.co/community/security